Installing a PatchWhenever a patch is released to fix an issue in the code, a notice is sent directly to yourAdmin Inbox. If the update is security related, the incoming message is color-codedred, and marked as a “Critical Update.”
The following instructions explain how to download and install a patch, starting with anotice that appears in your Admin Inbox. The example takes place on a Windowssystem, and uses the WinSCP utility to upload patch files to the server, and Putty toaccess the server from the command line. You can download both utilities at no charge.If you are a Mac user, you can access the command line with Terminal.
If this is the first time you have installed a patch, we recommend that you completethe optional steps to create a backup copy of your store and install a patch as a testrun. If you have experience installing patches, you can take the fast track and skip theoptional steps. For advanced instructions, see the following articles in the Magentodeveloper documentation:
How to Apply and Revert Magento Patches
Recommended File System Ownership and Privileges
Before you begin...To install a patch, you must have a user name and password to access the server. Inaddition to your own login credentials, you might also need the apache password. Ifyou don’t have these credentials, contact the person who set up your server.
Process Overview:Step 1: Download the PatchStep 2: Set the Necessary PermissionsStep 3: Create a Backup of theMagento Folder (Optional)Step 4: Upload the PatchStep 5: Install the Patch on the Backup (Optional)Step 6: Install the Patch to Your StoreStep 7: A Little Housekeeping (Optional)Step 8: Look for Signs of Unauthorized AccessStep 9: Clear theMagento CacheStep 10: Recompile the Store (Only if compiled)Step 11: Restart the Server
Step 1: Download the Patch
1. When you receive the message in your Inbox, click the Read details link to open theaccount login page. Then, log in to your account.
2. In the panel on the left, select Downloads. Click to expand the Magento EnterpriseEdition section. Then, click Support Patches.
Your Magento Account
3. In the list, find the patch that you want to install. Then, click to expand the section.
4. Find the patch for the specific version of Magento Enterprise that’s installed on yourserver, and click the Download button. If you don’t know which version of MagentoEnterprise is installed on your server, you can find it in the footer of the Admin.
Magento Version in Footer
a. Click the Download button. Then, look for the downloaded file in the lower-left cornerof your browser.
Show Downloads Folder
b. Click the down arrow next to the downloaded file name to display the menu. Then,select Show in folder. The patch is saved to the Download folder of your desktopcomputer.
Downloaded Patch Files
Magento Enterprise Edition Installing a Patch
Updated 5/4/2015 3
Magento Enterprise Edition Installing a Patch
Step 2: Set the Necessary Permissions
For a live store, permissions are locked down to prevent unauthorized access. However, youmust change the permissions of the contents of the Magento installation folder before youcan install the patch. In the following instructions, Putty is used to access the commandline and change the permissions.
1. Click the Start button in the lower-left corner of your desktop, and launch Putty. Whenprompted, enter the Host Name or IP Address of your store, and click the Open button.
2. Servers have different directory structures, and the path to your Magento installation folderis most likely different from the one shown in the examples. Depending on your server, thepath to your Magento installation folder might be one of the following:
SERVER PATH
Ubuntu /var/www/magento
CentOS /var/www/html/magento
From the command line, use the Change Directory command to navigate to your Magentoinstallation folder. In this example, Magento is installed on a CentOS server, and theMagento installation folder is located three levels below the html folder.
cd /var/www/html/stores/ee/magento
3. List the directory to check the permission status of the magento folder. To install a patch,you must temporarily change the folder permissions. After the patch is installed, you canrestore the appropriate permissions to your live store.
ls -l
The second column shows the current permission settings for the contents of the magentofolder. It includes a combination of read only, read/write, and execute permissions,depending on the type of folder or file. Take note of the owner and group in the next twocolumns. You might not need this information, but it’s good to know. In this example,each folder and file is owned by the apache user and belongs to the root group.
Updated 5/4/2015 4
Recommended Permissions for a Live Store
4. To install a patch, you must change the permissions to allow the necessary files to becopied and overwritten, and to make it possible for the script to execute. Enter thefollowing commands to change the permissions of the directories and files in the folder.Then, list the directory.
To save time, copy each command from the example, and press the mouse button to paste itinto the command line.
find . -type d -exec chmod 700 {} \;
find . -type f -exec chmod 600 {} \;
ls -l
Open Up Permissions
If your Magento installation is on a shared virtual server, you might need to begin eachcommand as a sudo super administrator:
sudo find . -type d -exec chmod 700 {} \;
sudo find . -type f -exec chmod 600 {} \;
sudo ls -l
Magento Enterprise Edition Installing a Patch
Updated 5/4/2015 5
Magento Enterprise Edition Installing a Patch
The first column in the directory listing shows the updated permission settings. After thepatch is installed, you will restore the recommended permissions to your store.
Updated Permissions
Step 3: Create a Backup of the Magento Folder (Optional)
1. Use the Change Directory command, followed by two dots, to move up one level in thedirectory tree. Then, list the directory so you can see the magento folder.
cd ..
ls -l
2. Enter the following command to create a new folder called backup.
mkdir backup
ls -l
a. If you get a “Permission denied” message, add sudo to the beginning of the MakeDirectory command. Then, list the directory to see the folder that you created.
sudo mkdir backup
sudo ls -l
b. The backup folder must have the same owner and group as the magento folder. Ifnot, use the Change Owner command to change the ownership of the backup folderand its contents.
Updated 5/4/2015 6
In this command, the backup folder is assigned to the apache user and root group,and followed by a single dot. (Don’t forget to use sudo if you need super administratoraccess.)
chown -hR apache:root backup .
ls -l
c. Enter the “Who am I” command to make sure that you are logged in as the correctowner.
whoami
d. If you are not logged in as the apache user, enter the following command. Whenprompted, enter the password for the apache user account.
su - apache
Notice that the prompt has changed. You are now in the bash folder of the apacheuser. While you’re logged in as the apache user, you won’t need to use sudo for superadministrator access.
3. Use the Change Directory command to return to the location of your magento and backupfolders. List the directory to see where you are. Then, check to see who you are.
cd /var/www/html/stores/ee
ls -l
whoami
Backup Folder with Correct Owner and Group
4. Copy the contents of the magento folder to the backup folder.
cp -r magento/* backup
Magento Enterprise Edition Installing a Patch
Updated 5/4/2015 7
Magento Enterprise Edition Installing a Patch
5. Wait for the process to complete and for the system prompt to return. Then, take a look atthe contents of the backup folder to make sure the files were copied.
cd backup
ls -l
cd ..
6. Because you’ll be working with the backup folder for awhile, it’s a good idea to restore theoriginal permissions to your magento folder before continuing.
Enter the following commands to restore the recommended permissions to the magentofolder. Then, list the directory to verify that the permissions are restored.
To save time, copy each command from the example, and press the mouse button to paste itinto the command line.
ls -l
cd magento
find . -type d -exec chmod 500 {} \;
find . -type f -exec chmod 400 {} \;
find var/ -type f -exec chmod 600 {} \;
find media/ -type f -exec chmod 600 {} \;
find var/ -type d -exec chmod 700 {} \;
find media/ -type d -exec chmod 700 {} \;
ls -l
Lock Down Permissions
Updated 5/4/2015 8
Locked Down Permissions
Step 4: Upload the Patch
1. To avoid permission problems when you upload the patch from your desktop, create afolder for the patch that has no restrictive permissions. From Putty, navigate back to thelevel of the magento and backup folders. Then, make a new folder called patch, andchange the permissions of the folder to 777.
cd ..
ls -l
mkdir patch
chmod 777 patch
ls -l
You now have three folders with very different permissions. The patch folder is wide openwith read, write and execute permissions. For this limited purpose, it’s OK.
Folders with Different Permissions
2. Return to your desktop, and launch WinSCP, or a similar tool. Then, log in to the server.
Magento Enterprise Edition Installing a Patch
Updated 5/4/2015 9
Magento Enterprise Edition Installing a Patch
3. In the right pane, navigate on the server to the location of the patch folder.
4. In the left pane, navigate to your Downloads folder, and find the patch file that youdownloaded. Drag it over to the right pane, and drop it on the patch folder.
Upload the Patch File
Step 5: Install the Patch to the Backup (Optional)
1. Return to Putty in the directory where the patch, backup, and magento folders arelocated. Change directories into the patch folder, and list a directory to verify that thepatch file is there. Then, copy the patch file up one level. (Just remember—two dots up,one dot down.)
Now the patch file is at the same level as the backup and magento folders, where it can beeasily accessed.
Patch File Uploaded and Ready to Go
Updated 5/4/2015 10
2. Because the temporary patch folder has served its purpose, enter the following commandto remove it from the server:
rm -rf patch
ls -l
3. Copy the patch file to the backup folder. Then, change directories to the backup folder,and list the directory. You should see the patch file in the directory.
4. To install the patch, use the appropriate syntax for the type of patch, and substitute thefile name of the patch to be installed. There are two command formats, depending on thepatch file name extension. To avoid typos, copy the patch file name from Putty, and pasteit into Notepad. Then, add the required command syntax, paste it into the command line,and press Enter.
EXTENSION COMMAND SYNTAX
.sh sh [patch_filename.sh]
.patch patch –p0 < [patch_filename.patch]
sh PATCH_SUPEE-5344_EE_1.14.1.0_v1-2015-02-10-04-20-13.sh
The following message appears if the installation succeeds:
Patch was applied/reverted successfully.
If the patch is already installed on your computer, an error message appears. You don’tneed to install it again.
So that’s really all there is to it. It might seem rather anticlimactic after so muchpreparation, but it’s important to understand the process before you apply the patch toyour store.
Magento Enterprise Edition Installing a Patch
Updated 5/4/2015 11
Magento Enterprise Edition Installing a Patch
5. The next step is to change directories to the magento folder, and reset the permissions sothe patch can be copied and installed to your live store. Then, you will copy the patch fileto the magento folder.
1. From your magento folder, enter the appropriate command to install the patch, and pressEnter.
EXTENSION COMMAND SYNTAX
.sh sh [patch_filename.sh]
.patch patch –p0 < [patch_filename.patch]
To avoid typos, copy the name of the patch file from your Downloads folder and paste it intoNotepad. Complete the required command syntax, and copy it to the clipboard. Then, press themouse button to paste it into the command line.
sh PATCH_SUPEE-5344_EE_1.14.1.0_v1-2015-02-10-04-20-13.sh
2. When the process is complete, remove the patch file from the magento folder.
1. Log in to the Admin of your store. Then on the Admin menu, select System > Users anddo the following:
a. Verify that there are no unauthorized user accounts in the list.
b. If you find an unknown user account in the list, click to open the account. Then, clickthe Delete User button.
2. On the Admin menu, select System > Admin Actions Log. Then, do the following:
a. Check the IP Address column for anything unfamiliar. To see the full URL, mouseover the address.
b. Check the Username column for any unfamiliar users.
c. To find specific types of activities, set the filter at the top of the Action Group columnto the type of activity you want to examine.
d. To see the full entry for any activity, click the View link at the end of the row. Then,click the Back button to return to the list.
e. To export the log to a CSV file, click the Export button.
Admin Actions Log
To learn about more signs of unauthorized access, see: Critical Security Advisory. If yoususpect that your site is compromised, contact the security department of your hostingcompany and request an audit.
The final step is to restart the server to flush any remaining caches, such as the APCand/or Zend OpCache. The following steps show how to gracefully restart the serverwithout disrupting pages from being served, or causing loss of data.
1. If your server has a control panel such as cPanel, look for the option to gracefully rebootthe server. On cPanel, select Home > System Reboot > Graceful Server Reboot.
2. To gracefully restart from the command line, do the following:
a. The syntax to restart the server from the command line varies by operating system. Tofind the version that is running on your server, enter the following:
cat /etc/issue
b. Use the appropriate command to gracefully restart the server. If necessary, begin thecommand with sudo.
apachectl -k graceful
CentOS / Fedora / Redhat
apache2ctl graceful
Debian / Ubuntu
3. To end the session, close both the Putty and WinSCP windows.
If you have more than one server, make sure to install the patch on all Magento servers.
![[Magento Imagine 2011] 5 Ways to Supercharge Your Magento Enterprise Site](https://static.documents.pub/doc/80x56/55d5222abb61eb6c7d8b45cf/magento-imagine-2011-5-ways-to-supercharge-your-magento-enterprise-site.jpg)
